Deploy an operation as an endpoint to make it callable over HTTP. Optionally, configure the endpoint to require authentication or act as a webhook.
The HTTP path, method, body, and query parameters for calling your endpoint will vary with configuration. Consult the inline documentation on the Endpoints page to call your endpoint.
An endpoint can be publicly available, protected by sign-in, or protected by an API key.
Publicly available endpoints are callable without any form of authentication. They are typically called from client-side code like a web app or mobile app.
To configure your endpoint as publicly available, do not select Require API key or Require user sign-in.
Endpoints protected by an API key are authenticated by a query parameter
api_key. They are typically called from server-side code.
To protect your endpoint with an API key, select Require API key.
To manage your API key, navigate to Deploy > API Key.
An API key can be specified in a query parameter
api_keyor a HTTP header
Endpoints protected by user sign-in are authenticated by session cookies. They must be called from a web page where a user is signed-in.
To protect your endpoint with user sign-in, select Require user sign-in.
Some third-party services offer to send a HTTP request to a custom URL when an event occurs. This interaction is commonly referred to as a webhook.
To receive these HTTP requests, select Deploy as webhook. The inline documentation on the Endpoints page will include the URL to provide to the third-party.
Read more about deploying an operation as a webhook on our webhooks documentation.
To lock down the code for your deployed endpoints, you can deploy your application at a specific release at Deploy > Endpoints > Relase. Releases are marked by SemVer-formatted Git tags. You can specify the tag when you click the "Commit code" button in the editor. The default released tag is "latest", which always points to your most recent commit. These Git tags apply only to the committed files in the git repository-- components such as dependencies, production keys, and which endpoints are deployed are not affected by version. Take care to not remove production keys that your deployed application may rely on.